If you're using a remote object , then your cold fusion server should just have a session id for that particular user.
Thanks for responding.
Here's one solution I found located on http://www.blogna.org/blog/adobe-flash/flex-and-flash-rias-authentication-sessions-scalabi lity/#comment-843
- A user submits their username and password inside a Flex form.
- ColdFusion Server receives the username and password and verifies them against the users in a database.
- If the user is valid, A KEY IS CREATED, stored in the database with a time stamp, then sent back to the user.
- The key is stored in a local variable inside the Flex application.
- Now, any time the application needs to retrieve data from a service that requires the user to be logged in, it will pass the key with the request. So, instead of a method like getUserInfo(), now it will look like getUserInfo(key).
- The service will use the key to determine if the user is authenticated, and if they are, it will send back the appropriate data.
Here are my questions:
1. Do I have to have a key sent back to Flex? Can't I just pull all of the data for that particular user at the time and send it back to Flex?
I guess I'm not understanding first why I need a key or session id from ColdFusion, but if I do, I guess I could create it using the CreateUUID() in ColdFusion, send it back to Flex, store it in a local var and then reference that each time I needed to do something that's user sensitive.
Would that work?
I guess I'd prefer not to use a session ID if I don't have to.